package cn.ls;

import cn.ls.realm.CustomerRealm002;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;

import java.util.Arrays;

public class TestCustomerRealmAuthenticator002 {
    public static void main(String[] args) {
        //1.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();

        securityManager.setRealm(new CustomerRealm002());

        SecurityUtils.setSecurityManager(securityManager);

        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("zhangsan", "123456");

        subject.login(token);

        //认证用户进行授权
        if(subject.isAuthenticated()){
            //1.基于角色权限控制
            System.out.println(subject.hasRole("admin"));

            //基于多角色权限控制
            System.out.println(subject.hasAllRoles(Arrays.asList("user","admin")));

            //基于一个角色
            boolean[] booleans = subject.hasRoles(Arrays.asList("user", "admin", "root"));
            for (boolean a:booleans){
                System.out.println(a);
            }
            System.out.println("-------------------");

            //基于权限字符串的访问控制
            System.out.println("权限:"+subject.isPermitted("user:*:01"));
        }
    }
}
